A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains.

Microsoft told BleepingComputer they plan on fixing it in a future update.
https://www.bleepingcomputer.com/news/security/new-cophish-attack-steals-oauth-tokens-via-copilot-studio-agents/

New CoPhish attack steals OAuth tokens via Copilot Studio agents

@BleepingComputer A service like this is such a pain to control using SWG policy. Developers want to use the feature, but now we need an access policy to prevent less sophisticated users from getting hit with a phishing link. Then devs complain they can't demo their mock-up with their customers during sprint reviews.